For ages, mankind has been trying to improve the world. Each of us wants to have a more comfortable life but to work quicker and more efficiently at the same time. This is the same with programming. Software developers want to respond to the increasing customer requirements while staying competitive in terms of not only the quality but also the speed of implementation of subsequent projects. Therefore, you should ask yourself the following question before the execution of an order: “Which technology to select for optimum completion of the project?” And keep in mind the comfort of work of your programming personnel.
By analysing all arguments for and against the specific technology, you have to take into account the requirements of the project, you often come to the conclusion that Microsoft .NET is the best solution. Why? You don’t have to reinvent the wheel when you have .NET platform with a plethora of ready to use solutions which have been already in use and tested by millions.
This is by far the most important aspect of an application. So it should not come as a surprise that Microsoft decided to share ready-made mechanisms, in particular for web applications. Starting with the oldest ones: ASP.net Membership & Role provider. It is a set of interfaces and ready to use implementations for user account and user rights management. Already at the start of the project the programmer has the following functionalities at hand: sign in, log in (including saving the account information), password reminder or reset and role management. The security policy rules (such as password length and level of complexity, automatic log off, blocking an account after a series of unsuccessful login attempts, etc.) are available from the configuration level and not the application level, so you can delegate security management to the administrator. To use domain login method in principle configure another provider in the configuration application.
In the age of Internet of today, we are overwhelmed with the multitude of accounts (and the passwords in particular) and need to minimise their number. This task is now easier to complete due to huge popularity of social networking sites such as Facebook, Twitter and trusted sites corporations such as Google or Microsoft which may be used for authenticating the user’s identity.
OAuth — that’s the name of the authentication method; an open authentication standard which enables one website to share private resources from another site using the user name and a single-use password (token). The most important part is the fact that the site receiving the information does not have to know the structure of internal credentials and user authentication mechanisms (including the passwords!).
You have ready to use mechanisms at hand when creating a new ASP MVC project. Just a few extra lines of code are required to enable a user to log on to the new application using their Facebook, LinkedIn or Microsoft LiveID account. During logon, the user will be redirected to the “authenticator”’s site for authorization and to acceptance of the transfer of private data (e.g. pictures, content, etc.).
Currently there are many ready to use implementations of the OAuth standard provided by trusted authenticators (e.g. sites Facebook, Twitter or Google) but you can also create your own providers. This enables you to integrate new applications with the corporate accounts or the existing solutions already deployed in the company.
But security is not only about a username and password. When creating web applications (especially the ones publicly available on the Internet), remember that there are always some bad people out there who want to break something — or worse — nick something using various tricks. So remember that unlike other programming languages ASP MVC (
from version 3), the view rendering engine encodes the content as standard and does not allow malicious scripts to run.
But what does this mean in practice? The following example should clearly illustrate that:
@Html.Label("Enter Your name:")
@Html.TextBoxFor(m => m.FirstName)
<span>@Html.DisplayFor(m => m.FirstName)</span> @* wypisane przez html helper *@
<strong>FirstName encoded 2:</strong>
<span>@Model.FirstName</span> @* wypisane bezpośrednio do widoku *@
<span>@Html.Raw(Model.FirstName)</span> @* jawne wyłączenie kodowania *@
<input type="submit" value="Save" />
Also, when creating web solutions, you should not forget about the trends associated with appearance of sites. We’ve got it covered with ready to use templates for use with the well-known Twitter bootstrap — a CSS framework offering a complete package of tools for creating consistent, modern and responsive web applications. The Twitter bootstrap offers System grid which can be customized to meet your needs, a structure for building sites capable of adapting appearance and behaviour to the resolution of the device (RWD), navigation methods, bookmarks, notifications or a unified set of styles, font icons, forms, buttons, etc. The bootstrap is therefore an excellent basis for creating a coherent, unique and modern looking layout clean which may significantly affect…
Despite the existing Responsive Web Design (RWD) technology, still many businesses decide to create separate sites for mobile devices (mainly viewing on mobile phones). Using the .NET platform, and ASP MVC from version 4 in particular, you can build applications with a common logic but two or more different layouts — for desktop and mobile. What’s more, this is automatic. For example, using the view:
You can create a second file:
for use on a mobile device. And with a small extension of code, you can define additional views for specific browsers (and more specifically for the UserAgent), e.g.:
The action controller remains common and constant, e.g.:
public ActionResult Index()
HomeIndexViewModel model = new HomeIndexViewModel();
With the development of technology and a wide range of access methods to data and devices which can use the data, there is an increasing need for easier and more versatile access to them. The .NET platform includes WCF (Windows Communication Foundation) technology, i.e. a web service which brings together and unifies most of the up to date Microsoft technologies for web communication, e.g. .NET Remoting, Web Services, MSMQ while ensuring safety, efficiency, profiling and even transactionality.
The power of WCF manifests itself in the fact that the code may be configured in many ways simultaneously, for example:
– The service within the LAN can operate over TCP/IP – Another application may use http protocol to refer by downloading data in XML format using SOAP – The same functionality may be shared outside the internal network using the HTTPS protocol, e.g. in JSON format
With this solution many different applications can use exactly the same methods in a convenient format, the administrators will be able to configure access and safety rules even without programming skills, and the application logic remains consistent and easy to manage.
To respond to new trends in application building Microsoft also decided to use the ideal solution to support WebAPI creation by basing the implementation on ASP MVC technology. The WebAPI has been created with the idea to build so-called REST-full application, including:
– Rich-client web application — dynamic sites using many AJAX calls – Single-page application — using jQuery, Knockout.js and similar library will significantly increase the speed and ease of building websites – Web applications for mobile devices — due to the heavy structure of XML, the phones are prone to communicate better using REST model than in SOAP service standard.
WebAPI is also a great way for building distributed applications and provides the possibility to integrate with external systems. Taking into account the present trends and the need for linking and harmonizing of all services and applications as closely as possible, WebAPI seems to be a strong competitor to other solutions. Therefore it is no surprise that the Redmond-based company added excellent support for this technology in a very friendly to use form to their solutions.
The many solutions offered by the .NET platform is yet another advantage. Microsoft supplies tools which cooperate perfectly with each other, and often create a whole. From Visual Studio, thought to be one of the best programming environments which are also free to use including the engine (also free in the basic version) and MS SQL Server database tools. Apart from the standard functionalities which are part and parcel for any IDE, Visual Studio also provides an integrated packet manager Nuget which enables very simple, quick and convenient management of libraries, extensions or scripts in your project. When a package is installed using Nuget, all the necessary components are automatically added to the project (references, js scripts, CSS files, etc.) and distributed acoording to the accepted standards.
Native integration with version control systems (TFS and GIT) including the complete tool set from “Team studio” suite for supporting teamwork is another item for increasing productivity.
Tight integration with cloud solutions (Windows Azure) is another important element for supporting creation, remote debugging, deployment process and cloud service management. The Redmond based company also supplies advanced tools for application graphical interface design. And with a Microsoft Expression suite you can easily create visually rich applications for mobile devices, Windows (WPF/Silverlight or “Modern” apps for Windows 8), and create prototypes with SketchFlow. Despite the close integration of all of its the components, Microsoft Expression is a set of separate tools which means that you can delegate work associated with UX to a user interface expert who does not necessarily need to be a programming expert.
As you can see the number of technologies and tools provided by Microsoft is huge. Don’t forget about the countless shared materials, documentation, conferences and trainings to promote their products and to expand the knowledge of specialists, creating a kind of expert community. The products included in the .NET platform support nearly every aspect of the project from the beginning to the end, streamlining and speeding up the project implementation by providing ready to use and proven practices.